IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform.
About AmosConnect
Stratos Global is a leading provider of maritime communications services, and its solutions are used on thousands of ships around the world.
The AmosConnect platform works in conjunction with the ships’ satellite equipment, integrates vessel and shore-based office applications, and provides services like Internet access for the crew, email, IM, position reporting, etc.
AmosConnect is usually deployed on the ship’s IT systems network, which is typically separated from its navigation systems network, Industrial Control Systems network, and BYOD network.
The vulnerabilities
The first vulnerability is a blind SQL injection in a login form. Attackers that successfully exploit it can retrieve credentials to log into the service and access sensitive information stored in it.
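As an added example, not AmosConnect code (the article does not describe the product’s stack, so the schema, the two-step salt-then-hash lookup and SQLite are assumptions), the pattern behind a login-form SQL injection next to its parameterised fix, using constructed sample accounts in an in-memory database:

```python
"""Login handler built by string concatenation (injectable) beside the
parameterised form.  Illustrative code only; schema and flow are assumed."""
import hashlib
import hmac
import os
import sqlite3

# Constructed sample accounts (username, password); not real data.
SAMPLE_USERS = [("captain", "alice-password"), ("chiefeng", "bob-password")]


def _hash(salt: bytes, password: str) -> str:
    """Salted SHA-256 stands in for a proper password KDF to keep the example short."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def make_db() -> sqlite3.Connection:
    """In-memory users table populated with the constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw_hash TEXT)")
    for name, password in SAMPLE_USERS:
        salt = os.urandom(16)
        conn.execute("INSERT INTO users VALUES (?, ?, ?)",
                     (name, salt, _hash(salt, password)))
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Anti-pattern: the username is spliced into the SQL text.  A quote in the
    input closes the string literal and the remainder is parsed as SQL, so the
    WHERE clause, and therefore the password check, is under the caller's control.
    Because the result is only a yes/no, the same defect is a blind oracle."""
    salt_row = conn.execute(
        "SELECT salt FROM users WHERE name = '" + username + "'").fetchone()
    if salt_row is None:
        return False
    digest = _hash(salt_row[0], password)
    match = conn.execute(
        "SELECT 1 FROM users WHERE name = '" + username
        + "' AND pw_hash = '" + digest + "'").fetchone()
    return match is not None


def login_hardened(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Fix: bind the username as a parameter so the driver sends it as data,
    never as SQL, and compare the hash in constant time in application code."""
    row = conn.execute(
        "SELECT salt, pw_hash FROM users WHERE name = ?", (username,)).fetchone()
    if row is None:
        # Dummy comparison so a missing user takes the same time as a wrong password.
        hmac.compare_digest(_hash(b"\0" * 16, password), "0" * 64)
        return False
    salt, pw_hash = row
    return hmac.compare_digest(_hash(salt, password), pw_hash)


if __name__ == "__main__":
    db = make_db()
    print("hardened, valid credentials:", login_hardened(db, "captain", "alice-password"))
    print("hardened, quoted input:     ", login_hardened(db, "' OR 1=1 --", "x"))
    print("vulnerable, quoted input:   ", login_vulnerable(db, "' OR 1=1 --", "x"))
```

The parameterised version treats a quote in the username as an ordinary character, so the same input that turns the concatenated query into a tautology simply finds no such user. A cheap detection signal for the deployed product is to log and alert on failed logins whose username contains SQL metacharacters (quotes, comment markers), since legitimate crew accounts will never look like that.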
The second one is a built-in backdoor account with full system privileges. “Among other things, this vulnerability allows attackers to execute commands with SYSTEM privileges on the remote system by abusing AmosConnect Task Manager,” Ballano shared.
The flaws can be exploited only by an attacker with access to the ship’s IT systems network, he noted, but on some ships the various networks might not be segmented, or AmosConnect might be exposed to one or more of them.
“A typical scenario would make AmosConnect available to both the BYOD ‘guest’ and IT networks; one can easily see how these vulnerabilities could be exploited by a local attacker to pivot from the guest network to the IT network. Also, some of the vulnerabilities uncovered during our [earlier] SATCOM research might enable attackers to access these systems via the satellite link,” he added.
What should customers do?
The vulnerabilities were found in AmosConnect 8.4.0, and Stratos Global was notified a year ago.
But Inmarsat won’t fix them, and discontinued the 8.0 version of the platform in June 2017. They advise customers to revert to AmosConnect 7.0 or switch to an email solution from one of their approved partners.
“Essentially anyone interested in sensitive company information or looking to attack a vessel’s IT infrastructure could take advantage of these flaws. This leaves crew member and company data extremely vulnerable, and could present risks to the safety of the entire vessel,” Ballano says.
“Maritime cyber security must be taken seriously as our global logistics supply chain relies on it and as cyber criminals increasingly find new methods of attack.”
from Help Net Security http://ift.tt/2xpNlvL